[Vpn-help] Using PCF Import, but it requires User/Password to Connect?
Matthew Grooms
mgrooms at shrew.net
Tue Oct 6 11:02:24 CDT 2009
Garrett Gyssler wrote:
> Hi Guys,
>
> When I connect using my company’s PCF file and using Cisco software, I
> just click ‘connect.’ It doesn’t require me to insert any user/password.
>
> But, when I import the PCF into Shrew Soft VPN Client (2.1.5 rc4) and
> click connect, it asks for a username/password. I can’t click connect
> without inserting something into both of those fields. If I try to put
> in a bogus user/password, it attempts to connect but will timeout with:
>
Hi Garett,
The username and password authentication mechanism is called Xauth, but
I don't see a way to distinguish between PSK or PSK + Xauth from the
information contained in the PCF file. To make things more complicated,
the authentication type needs to be sent along with the phase1 proposal
which happens before Xauth negotiation. In other words, it can't really
be auto detected by "listening" for an Xauth request without deviating
from the specification.
The bottom line is that you will need to set your authentication method
to Mutual PSK instead of Mutual PSK + Xauth when username / password is
not required.
Hope this helps,
-Matthew
More information about the vpn-help
mailing list